X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/6eb71547dd5ba29d18bf8f19213e58e5d785a015..d048e9c64aca24b8e064aaf1608862b50c427de2:/IkiWiki/Plugin/comments.pm diff --git a/IkiWiki/Plugin/comments.pm b/IkiWiki/Plugin/comments.pm index ceb7c7836..58bd4b851 100644 --- a/IkiWiki/Plugin/comments.pm +++ b/IkiWiki/Plugin/comments.pm @@ -221,7 +221,9 @@ sub preprocess { } if (defined $params{subject}) { - $pagestate{$page}{meta}{title} = $params{subject}; + # decode title the same way meta does + eval q{use HTML::Entities}; + $pagestate{$page}{meta}{title} = decode_entities($params{subject}); } if ($params{page} =~ m/\/\Q$config{comments_pagename}\E\d+_/) { @@ -336,7 +338,7 @@ sub editcomment ($$) { my $page = $form->field('page'); $page = IkiWiki::possibly_foolish_untaint($page); if (! defined $page || ! length $page || - IkiWiki::file_pruned($page, $config{srcdir})) { + IkiWiki::file_pruned($page)) { error(gettext("bad page name")); } @@ -546,7 +548,7 @@ sub commentmoderation ($$) { # pending comment before untainting. my ($f)= $id =~ /$config{wiki_file_regexp}/; if (! defined $f || ! length $f || - IkiWiki::file_pruned($f, $config{srcdir})) { + IkiWiki::file_pruned($f)) { error("illegal file"); } @@ -642,18 +644,14 @@ sub comments_pending () { find({ no_chdir => 1, wanted => sub { - $_=decode_utf8($_); - if (IkiWiki::file_pruned($_, $dir)) { - $File::Find::prune=1; - } - elsif (! -l $_ && ! -d _) { - $File::Find::prune=0; - my ($f)=/$config{wiki_file_regexp}/; # untaint - if (defined $f && $f =~ /\Q._comment\E$/) { - my $ctime=(stat($f))[10]; - $f=~s/^\Q$dir\E\/?//; - push @ret, [$f, $ctime]; - } + my $file=decode_utf8($_); + $file=~s/^\Q$dir\E\/?//; + return if ! length $file || IkiWiki::file_pruned($file) + || -l $_ || -d _ || $file !~ /\Q._comment\E$/; + my ($f) = $file =~ /$config{wiki_file_regexp}/; # untaint + if (defined $f) { + my $ctime=(stat($_))[10]; + push @ret, [$f, $ctime]; } } }, $dir); @@ -862,7 +860,7 @@ sub page_to_id ($) { eval q{use Digest::MD5 'md5_hex'}; error($@) if $@; - return "comment-".md5_hex(Encode::encode_utf8(($page)); + return "comment-".md5_hex(Encode::encode_utf8(($page))); } package IkiWiki::PageSpec;